[dpdk-dev] [PATCH] crypto/dpaa_sec: add check for segmented buffer

[dpdk-dev] [PATCH] crypto/dpaa_sec: add check for segmented buffer

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

The code would crash in case of segmented buffer if no check

Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 7b9a683..8a57b96 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -893,6 +893,13 @@ dpaa_sec_enqueue_op(struct rte_crypto_op *op,  struct dpaa_sec_qp *qp)
 			return ret;
 	}
 
+	/*
+	 * Segmented buffer is not supported.
+	 */
+        if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+                op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                return -ENOTSUP;
+        }
 	if (is_auth_only(ses)) {
 		cf = build_auth_only(op, ses);
 	} else if (is_cipher_only(ses)) {
-- 
2.9.3

[dpdk-dev] [PATCH] crypto/dpaa2_sec: add check for segmented buffer

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

The code would crash for segmented buffer if no check.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 672cacf..9895300 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -551,7 +551,13 @@ build_sec_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	int ret = -1;
 
 	PMD_INIT_FUNC_TRACE();
-
+	/*
+	 * Segmented buffer is not supported.
+	 */
+        if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+                op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                return -ENOTSUP;
+        }
 	switch (sess->ctxt_type) {
 	case DPAA2_SEC_CIPHER:
 		ret = build_cipher_fd(sess, op, fd, bpid);
-- 
2.9.3

[dpdk-dev] [PATCH] crypto/dpaa_sec: remove memset of icv on decryption side

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Since the packet lengths are modified. It is not required to
explicitly reset the icv.
Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 8a57b96..b618b59 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -598,7 +598,6 @@ build_auth_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 		/* hash result or digest, save digest first */
 		rte_memcpy(old_digest, sym->auth.digest.data,
 			   ses->digest_length);
-		memset(sym->auth.digest.data, 0, ses->digest_length);
 		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
 		sg->length = sym->auth.data.length;
 		cpu_to_hw_sg(sg);
@@ -738,7 +737,6 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
 		memcpy(ctx->digest, sym->aead.digest.data,
 		       ses->digest_length);
-		memset(sym->aead.digest.data, 0, ses->digest_length);
 		sg++;
 
 		qm_sg_entry_set64(sg, dpaa_mem_vtop(ctx->digest));
@@ -832,7 +830,6 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
 		memcpy(ctx->digest, sym->auth.digest.data,
 		       ses->digest_length);
-		memset(sym->auth.digest.data, 0, ses->digest_length);
 		sg++;
 
 		qm_sg_entry_set64(sg, dpaa_mem_vtop(ctx->digest));
-- 
2.9.3

[dpdk-dev] [PATCH] crypto/dpaa2_sec: remove memset of icv on decryption side

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Since the packet lengths are modified. It is not required to
explicitly reset the icv.

Fixes: 13273250eec5 ("crypto/dpaa2_sec: support AES-GCM and CTR")
Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9895300..62b9203 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -203,7 +203,6 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 		old_icv = (uint8_t *)(sge + 1);
 		memcpy(old_icv,	sym_op->aead.digest.data,
 		       sess->digest_length);
-		memset(sym_op->aead.digest.data, 0, sess->digest_length);
 		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
 		sge->length = sess->digest_length;
 		DPAA2_SET_FD_LEN(fd, (sym_op->aead.data.length +
@@ -342,7 +341,6 @@ build_authenc_fd(dpaa2_sec_session *sess,
 		old_icv = (uint8_t *)(sge + 1);
 		memcpy(old_icv,	sym_op->auth.digest.data,
 		       sess->digest_length);
-		memset(sym_op->auth.digest.data, 0, sess->digest_length);
 		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
 		sge->length = sess->digest_length;
 		DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
@@ -436,7 +434,6 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 		old_digest = (uint8_t *)(sge + 1);
 		rte_memcpy(old_digest, sym_op->auth.digest.data,
 			   sess->digest_length);
-		memset(sym_op->auth.digest.data, 0, sess->digest_length);
 		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest));
 		sge->length = sess->digest_length;
 		fle->length = sym_op->auth.data.length +
-- 
2.9.3

[dpdk-dev] [PATCH] crypto/dpaa2_sec: add support for out of place buffers

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Enable out of place buffer test cases in nxp dpaa2_sec

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 42 +++++++++++++++++++++++------
 test/test/test_cryptodev.c                  |  6 +++++
 test/test/test_cryptodev_aes_test_vectors.h | 12 ++++++---
 test/test/test_cryptodev_des_test_vectors.h |  6 +++--
 4 files changed, 52 insertions(+), 14 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 62b9203..d466979 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -90,11 +90,17 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	uint32_t auth_only_len = sess->ext_params.aead_ctxt.auth_only_len;
 	int icv_len = sess->digest_length, retval;
 	uint8_t *old_icv;
+	struct rte_mbuf *dst;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	/* TODO we are using the first FLE entry to store Mbuf and session ctxt.
 	 * Currently we donot know which FLE has the mbuf stored.
 	 * So while retreiving we can go back 1 FLE from the FD -ADDR
@@ -155,9 +161,9 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FLE_SG_EXT(fle);
 
 	/* Configure Output SGE for Encap/Decap */
-	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(sge, sym_op->aead.data.offset +
-				sym_op->m_src->data_off - auth_only_len);
+				dst->data_off - auth_only_len);
 	sge->length = sym_op->aead.data.length + auth_only_len;
 
 	if (sess->dir == DIR_ENC) {
@@ -235,9 +241,15 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
+	struct rte_mbuf *dst;
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	/* we are using the first FLE entry to store Mbuf.
 	 * Currently we donot know which FLE has the mbuf stored.
 	 * So while retreiving we can go back 1 FLE from the FD -ADDR
@@ -300,9 +312,9 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FLE_SG_EXT(fle);
 
 	/* Configure Output SGE for Encap/Decap */
-	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(sge, sym_op->cipher.data.offset +
-				sym_op->m_src->data_off);
+				dst->data_off);
 	sge->length = sym_op->cipher.data.length;
 
 	if (sess->dir == DIR_ENC) {
@@ -456,9 +468,15 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	struct ctxt_priv *priv = sess->ctxt;
 	uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
+	struct rte_mbuf *dst;
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
 	if (retval) {
 		RTE_LOG(ERR, PMD, "Memory alloc failed for SGE\n");
@@ -503,9 +521,9 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 		   sess->iv.length,
 		   sym_op->m_src->data_off);
 
-	DPAA2_SET_FLE_ADDR(fle, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(fle, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(fle, sym_op->cipher.data.offset +
-			     sym_op->m_src->data_off);
+			     dst->data_off);
 
 	fle->length = sym_op->cipher.data.length + sess->iv.length;
 
@@ -657,6 +675,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
 	struct ctxt_priv *priv;
+	struct rte_mbuf *dst, *src;
 
 	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
 
@@ -679,10 +698,17 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 			DPAA2_GET_FLE_ADDR((fle - 1)));
 
 	/* Prefeth op */
-	rte_prefetch0(op->sym->m_src);
+	src = op->sym->m_src;
+	rte_prefetch0(src);
+
+	if (op->sym->m_dst) {
+		dst = op->sym->m_dst;
+		rte_prefetch0(dst);
+	} else
+		dst = src;
 
 	PMD_RX_LOG(DEBUG, "mbuf %p BMAN buf addr %p",
-		   (void *)op->sym->m_src, op->sym->m_src->buf_addr);
+		   (void *)dst, dst->buf_addr);
 
 	PMD_RX_LOG(DEBUG, "fdaddr =%p bpid =%d meta =%d off =%d, len =%d",
 		   (void *)DPAA2_GET_FD_ADDR(fd),
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index df84430..f889ecd 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -8837,6 +8837,12 @@ static struct unit_test_suite cryptodev_openssl_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt),
 
+		/** Out of place tests */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_mb_AES_GCM_authenticated_encryption_oop),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_mb_AES_GCM_authenticated_decryption_oop),
+
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 0c7e48f..32c5deb 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1431,7 +1431,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
+			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
@@ -1441,7 +1442,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
+			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
@@ -1591,7 +1593,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
@@ -1599,7 +1602,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index ebf8869..e4efd23 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1181,7 +1181,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1190,7 +1191,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.9.3

[dpdk-dev] [PATCH] crypto/dpaa_sec: add support for out of place buffers

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Enable out of place buffer test cases in dpaa_sec

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c          | 45 +++++++++++++++++++----------
 test/test/test_cryptodev.c                  |  6 ++++
 test/test/test_cryptodev_aes_test_vectors.h | 12 +++++---
 test/test/test_cryptodev_des_test_vectors.h |  6 ++--
 4 files changed, 47 insertions(+), 22 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index b618b59..70db1bc 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -623,11 +623,10 @@ static inline struct dpaa_sec_job *
 build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
@@ -639,9 +638,16 @@ build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	ctx->op = op;
 	start_addr = rte_pktmbuf_mtophys(mbuf);
 
+	src_start_addr = rte_pktmbuf_mtophys(sym->m_src);
+
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_mtophys(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
 	/* output */
 	sg = &cf->sg[0];
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, dst_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length + ses->iv.length;
 	cpu_to_hw_sg(sg);
 
@@ -661,7 +667,7 @@ build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	cpu_to_hw_sg(sg);
 
 	sg++;
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, src_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length;
 	sg->final = 1;
 	cpu_to_hw_sg(sg);
@@ -673,16 +679,20 @@ static inline struct dpaa_sec_job *
 build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
 	uint32_t length = 0;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
-	start_addr = mbuf->buf_physaddr + mbuf->data_off;
+	src_start_addr = sym->m_src->buf_physaddr + sym->m_src->data_off;
+
+	if (sym->m_dst)
+		dst_start_addr = sym->m_dst->buf_physaddr + sym->m_dst->data_off;
+	else
+		dst_start_addr = src_start_addr;
 
 	ctx = dpaa_sec_alloc_ctx(ses);
 	if (!ctx)
@@ -710,7 +720,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 			cpu_to_hw_sg(sg);
 			sg++;
 		}
-		qm_sg_entry_set64(sg, start_addr + sym->aead.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->aead.data.offset);
 		sg->length = sym->aead.data.length;
 		length += sg->length;
 		sg->final = 1;
@@ -730,7 +740,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 			cpu_to_hw_sg(sg);
 			sg++;
 		}
-		qm_sg_entry_set64(sg, start_addr + sym->aead.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->aead.data.offset);
 		sg->length = sym->aead.data.length;
 		length += sg->length;
 		cpu_to_hw_sg(sg);
@@ -755,7 +765,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	sg++;
 	qm_sg_entry_set64(&cf->sg[0], dpaa_mem_vtop(sg));
 	qm_sg_entry_set64(sg,
-		start_addr + sym->aead.data.offset - ses->auth_only_len);
+		dst_start_addr + sym->aead.data.offset - ses->auth_only_len);
 	sg->length = sym->aead.data.length + ses->auth_only_len;
 	length = sg->length;
 	if (is_encode(ses)) {
@@ -781,16 +791,19 @@ static inline struct dpaa_sec_job *
 build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint32_t length = 0;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
-	start_addr = mbuf->buf_physaddr + mbuf->data_off;
+	src_start_addr = mbuf->buf_physaddr + mbuf->data_off;
+	if (sym->m_dst)
+		dst_start_addr = sym->m_dst->buf_physaddr + sym->m_dst->data_off;
+	else
+		dst_start_addr = src_start_addr;
 
 	ctx = dpaa_sec_alloc_ctx(ses);
 	if (!ctx)
@@ -810,7 +823,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 		cpu_to_hw_sg(sg);
 
 		sg++;
-		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->auth.data.offset);
 		sg->length = sym->auth.data.length;
 		length += sg->length;
 		sg->final = 1;
@@ -823,7 +836,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
 		sg++;
 
-		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->auth.data.offset);
 		sg->length = sym->auth.data.length;
 		length += sg->length;
 		cpu_to_hw_sg(sg);
@@ -847,7 +860,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	/* output */
 	sg++;
 	qm_sg_entry_set64(&cf->sg[0], dpaa_mem_vtop(sg));
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, dst_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length;
 	length = sg->length;
 	if (is_encode(ses)) {
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index f889ecd..72584ab 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -8629,6 +8629,12 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 						test_DES_docsis_mb_all),
 
+		/** Out of place tests */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_mb_AES_GCM_authenticated_encryption_oop),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_mb_AES_GCM_authenticated_decryption_oop),
+
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 32c5deb..54ac8d6 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1432,7 +1432,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
@@ -1443,7 +1444,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
@@ -1594,7 +1596,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
@@ -1603,7 +1606,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index e4efd23..259a540 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1182,7 +1182,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1192,7 +1193,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.9.3

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: remove memset of icv on decryption side

[Akhil Goyal]

On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> Since the packet lengths are modified. It is not required to
> explicitly reset the icv.
> Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa_sec/dpaa_sec.c | 3 ---
>   1 file changed, 3 deletions(-)
> 
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
> index 8a57b96..b618b59 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> @@ -598,7 +598,6 @@ build_auth_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
>   		/* hash result or digest, save digest first */
>   		rte_memcpy(old_digest, sym->auth.digest.data,
>   			   ses->digest_length);
> -		memset(sym->auth.digest.data, 0, ses->digest_length);
>   		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
>   		sg->length = sym->auth.data.length;
>   		cpu_to_hw_sg(sg);
> @@ -738,7 +737,6 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
>   
>   		memcpy(ctx->digest, sym->aead.digest.data,
>   		       ses->digest_length);
> -		memset(sym->aead.digest.data, 0, ses->digest_length);
>   		sg++;
>   
>   		qm_sg_entry_set64(sg, dpaa_mem_vtop(ctx->digest));
> @@ -832,7 +830,6 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
>   
>   		memcpy(ctx->digest, sym->auth.digest.data,
>   		       ses->digest_length);
> -		memset(sym->auth.digest.data, 0, ses->digest_length);
>   		sg++;
>   
>   		qm_sg_entry_set64(sg, dpaa_mem_vtop(ctx->digest));
> 
Acked-by Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: remove memset of icv on decryption side

[Akhil Goyal]

On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> Since the packet lengths are modified. It is not required to
> explicitly reset the icv.
> 
> Fixes: 13273250eec5 ("crypto/dpaa2_sec: support AES-GCM and CTR")
> Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 3 ---
>   1 file changed, 3 deletions(-)
> 
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index 9895300..62b9203 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -203,7 +203,6 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
>   		old_icv = (uint8_t *)(sge + 1);
>   		memcpy(old_icv,	sym_op->aead.digest.data,
>   		       sess->digest_length);
> -		memset(sym_op->aead.digest.data, 0, sess->digest_length);
>   		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
>   		sge->length = sess->digest_length;
>   		DPAA2_SET_FD_LEN(fd, (sym_op->aead.data.length +
> @@ -342,7 +341,6 @@ build_authenc_fd(dpaa2_sec_session *sess,
>   		old_icv = (uint8_t *)(sge + 1);
>   		memcpy(old_icv,	sym_op->auth.digest.data,
>   		       sess->digest_length);
> -		memset(sym_op->auth.digest.data, 0, sess->digest_length);
>   		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
>   		sge->length = sess->digest_length;
>   		DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
> @@ -436,7 +434,6 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
>   		old_digest = (uint8_t *)(sge + 1);
>   		rte_memcpy(old_digest, sym_op->auth.digest.data,
>   			   sess->digest_length);
> -		memset(sym_op->auth.digest.data, 0, sess->digest_length);
>   		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest));
>   		sge->length = sess->digest_length;
>   		fle->length = sym_op->auth.data.length +
> 

 >
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: add support for out of place buffers

[Akhil Goyal]

On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> Enable out of place buffer test cases in nxp dpaa2_sec
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 42 +++++++++++++++++++++++------
>   test/test/test_cryptodev.c                  |  6 +++++
>   test/test/test_cryptodev_aes_test_vectors.h | 12 ++++++---
>   test/test/test_cryptodev_des_test_vectors.h |  6 +++--
>   4 files changed, 52 insertions(+), 14 deletions(-)
> 

Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: add support for out of place buffers

[Akhil Goyal]

On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> Enable out of place buffer test cases in dpaa_sec
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa_sec/dpaa_sec.c          | 45 +++++++++++++++++++----------
>   test/test/test_cryptodev.c                  |  6 ++++
>   test/test/test_cryptodev_aes_test_vectors.h | 12 +++++---
>   test/test/test_cryptodev_des_test_vectors.h |  6 ++--
>   4 files changed, 47 insertions(+), 22 deletions(-)
> 

Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: add check for segmented buffer

[Akhil Goyal]

On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> The code would crash in case of segmented buffer if no check
> 
> Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +++++++
>   1 file changed, 7 insertions(+)
> 
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
> index 7b9a683..8a57b96 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> @@ -893,6 +893,13 @@ dpaa_sec_enqueue_op(struct rte_crypto_op *op,  struct dpaa_sec_qp *qp)
>   			return ret;
>   	}
>   
> +	/*
> +	 * Segmented buffer is not supported.
> +	 */
> +        if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
> +                op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +                return -ENOTSUP;
> +        }
>   	if (is_auth_only(ses)) {
>   		cf = build_auth_only(op, ses);
>   	} else if (is_cipher_only(ses)) {
> 
It looks there are some checkpatch errors.

[dpdk-dev] [PATCH v2] crypto/dpaa_sec: add check for segmented buffer

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

The code would crash in case of segmented buffer if no check

Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 7b9a683..bd13d8c 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -893,6 +893,13 @@ dpaa_sec_enqueue_op(struct rte_crypto_op *op,  struct dpaa_sec_qp *qp)
 			return ret;
 	}
 
+	/*
+	 * Segmented buffer is not supported.
+	 */
+	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		return -ENOTSUP;
+	}
 	if (is_auth_only(ses)) {
 		cf = build_auth_only(op, ses);
 	} else if (is_cipher_only(ses)) {
-- 
2.9.3

[dpdk-dev] [PATCH v2] crypto/dpaa2_sec: add check for segmented buffer

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

The code would crash for segmented buffer if no check.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 672cacf..b33081c 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -551,7 +551,13 @@ build_sec_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	int ret = -1;
 
 	PMD_INIT_FUNC_TRACE();
-
+	/*
+	 * Segmented buffer is not supported.
+	 */
+	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		return -ENOTSUP;
+	}
 	switch (sess->ctxt_type) {
 	case DPAA2_SEC_CIPHER:
 		ret = build_cipher_fd(sess, op, fd, bpid);
-- 
2.9.3

Re: [dpdk-dev] [PATCH v2] crypto/dpaa2_sec: add check for segmented buffer

[Akhil Goyal]

On 10/13/2017 9:08 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> The code would crash for segmented buffer if no check.
> 
> Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 +++++++-
>   1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index 672cacf..b33081c 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -551,7 +551,13 @@ build_sec_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
>   	int ret = -1;
>   
>   	PMD_INIT_FUNC_TRACE();
> -
> +	/*
> +	 * Segmented buffer is not supported.
> +	 */
> +	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return -ENOTSUP;
> +	}
>   	switch (sess->ctxt_type) {
>   	case DPAA2_SEC_CIPHER:
>   		ret = build_cipher_fd(sess, op, fd, bpid);
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH v2] crypto/dpaa_sec: add check for segmented buffer

[Akhil Goyal]

On 10/13/2017 9:07 PM, alok.makhariya@nxp.com wrote:
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> The code would crash in case of segmented buffer if no check
> 
> Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> ---
>   drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +++++++
>   1 file changed, 7 insertions(+)
> 
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
> index 7b9a683..bd13d8c 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> @@ -893,6 +893,13 @@ dpaa_sec_enqueue_op(struct rte_crypto_op *op,  struct dpaa_sec_qp *qp)
>   			return ret;
>   	}
>   
> +	/*
> +	 * Segmented buffer is not supported.
> +	 */
> +	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
> +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> +		return -ENOTSUP;
> +	}
>   	if (is_auth_only(ses)) {
>   		cf = build_auth_only(op, ses);
>   	} else if (is_cipher_only(ses)) {
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: remove memset of icv on decryption side

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 3:23 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com
> Subject: Re: [PATCH] crypto/dpaa_sec: remove memset of icv on decryption
> side
> 
> On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > Since the packet lengths are modified. It is not required to
> > explicitly reset the icv.
> > Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA
> > platform")
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>

...

> Acked-by Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: remove memset of icv on decryption side

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 3:24 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com; stable@dpdk.org
> Subject: Re: [PATCH] crypto/dpaa2_sec: remove memset of icv on
> decryption side
> 
> On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > Since the packet lengths are modified. It is not required to
> > explicitly reset the icv.
> >
> > Fixes: 13273250eec5 ("crypto/dpaa2_sec: support AES-GCM and CTR")
> > Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>

...

> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: add support for out of place buffers

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 3:25 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com
> Subject: Re: [PATCH] crypto/dpaa2_sec: add support for out of place
> buffers
> 
> On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > Enable out of place buffer test cases in nxp dpaa2_sec
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> > ---
> >   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 42
> +++++++++++++++++++++++------
> >   test/test/test_cryptodev.c                  |  6 +++++
> >   test/test/test_cryptodev_aes_test_vectors.h | 12 ++++++---
> >   test/test/test_cryptodev_des_test_vectors.h |  6 +++--
> >   4 files changed, 52 insertions(+), 14 deletions(-)
> >
> 
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: add support for out of place buffers

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 3:26 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com
> Subject: Re: [PATCH] crypto/dpaa_sec: add support for out of place buffers
> 
> On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > Enable out of place buffer test cases in dpaa_sec
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> > ---
> >   drivers/crypto/dpaa_sec/dpaa_sec.c          | 45 +++++++++++++++++++-
> ---------
> >   test/test/test_cryptodev.c                  |  6 ++++
> >   test/test/test_cryptodev_aes_test_vectors.h | 12 +++++---
> >   test/test/test_cryptodev_des_test_vectors.h |  6 ++--
> >   4 files changed, 47 insertions(+), 22 deletions(-)
> >
> 
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

One note here. This patch depends on the dpaa2_sec patch.
For next time, either state the dependency or send both as a patchset.

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH v2] crypto/dpaa2_sec: add check for segmented buffer

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 4:45 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com; stable@dpdk.org
> Subject: Re: [PATCH v2] crypto/dpaa2_sec: add check for segmented buffer
> 
> On 10/13/2017 9:08 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > The code would crash for segmented buffer if no check.
> >
> > Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> > ---
> >   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 +++++++-
> >   1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > index 672cacf..b33081c 100644
> > --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> > @@ -551,7 +551,13 @@ build_sec_fd(dpaa2_sec_session *sess, struct
> rte_crypto_op *op,
> >   	int ret = -1;
> >
> >   	PMD_INIT_FUNC_TRACE();
> > -
> > +	/*
> > +	 * Segmented buffer is not supported.
> > +	 */
> > +	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
> > +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> > +		return -ENOTSUP;
> > +	}
> >   	switch (sess->ctxt_type) {
> >   	case DPAA2_SEC_CIPHER:
> >   		ret = build_cipher_fd(sess, op, fd, bpid);
> >
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH v2] crypto/dpaa_sec: add check for segmented buffer

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Friday, October 13, 2017 4:45 PM
> To: alok.makhariya@nxp.com; dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com
> Subject: Re: [PATCH v2] crypto/dpaa_sec: add check for segmented buffer
> 
> On 10/13/2017 9:07 PM, alok.makhariya@nxp.com wrote:
> > From: Alok Makhariya <alok.makhariya@nxp.com>
> >
> > The code would crash in case of segmented buffer if no check
> >
> > Fixes: 89aaf708d44b ("crypto/dpaa_sec: add crypto driver for NXP DPAA
> platform")
> >
> > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> > ---
> >   drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +++++++
> >   1 file changed, 7 insertions(+)
> >
> > diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c
> b/drivers/crypto/dpaa_sec/dpaa_sec.c
> > index 7b9a683..bd13d8c 100644
> > --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> > +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> > @@ -893,6 +893,13 @@ dpaa_sec_enqueue_op(struct rte_crypto_op
> *op,  struct dpaa_sec_qp *qp)
> >   			return ret;
> >   	}
> >
> > +	/*
> > +	 * Segmented buffer is not supported.
> > +	 */
> > +	if (!rte_pktmbuf_is_contiguous(op->sym->m_src)) {
> > +		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
> > +		return -ENOTSUP;
> > +	}
> >   	if (is_auth_only(ses)) {
> >   		cf = build_auth_only(op, ses);
> >   	} else if (is_cipher_only(ses)) {
> >
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: add support for out of place buffers

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of De Lara Guarch,
> Pablo
> Sent: Monday, October 16, 2017 12:33 PM
> To: Akhil Goyal <akhil.goyal@nxp.com>; alok.makhariya@nxp.com;
> dev@dpdk.org
> Cc: hemant.agrawal@nxp.com
> Subject: Re: [dpdk-dev] [PATCH] crypto/dpaa2_sec: add support for out of
> place buffers
> 
> 
> 
> > -----Original Message-----
> > From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> > Sent: Friday, October 13, 2017 3:25 PM
> > To: alok.makhariya@nxp.com; dev@dpdk.org
> > Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> > hemant.agrawal@nxp.com
> > Subject: Re: [PATCH] crypto/dpaa2_sec: add support for out of place
> > buffers
> >
> > On 10/12/2017 6:37 PM, alok.makhariya@nxp.com wrote:
> > > From: Alok Makhariya <alok.makhariya@nxp.com>
> > >
> > > Enable out of place buffer test cases in nxp dpaa2_sec
> > >
> > > Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> > > ---
> > >   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 42
> > +++++++++++++++++++++++------
> > >   test/test/test_cryptodev.c                  |  6 +++++
> > >   test/test/test_cryptodev_aes_test_vectors.h | 12 ++++++---
> > >   test/test/test_cryptodev_des_test_vectors.h |  6 +++--
> > >   4 files changed, 52 insertions(+), 14 deletions(-)
> > >
> >
> > Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
> 
> Applied to dpdk-next-crypto.
> Thanks,
> 
> Pablo

Sorry, but I forgot to compile the tests and I am getting a compilation error,
so I have removed this and dpaa_sec patches from the subtree.

test/test/test_cryptodev.c:8733:4: error: ‘test_mb_AES_GCM_authenticated_encryption_oop’
undeclared here (not in a function)
    test_mb_AES_GCM_authenticated_encryption_oop),
    ^

This function does not exist anymore and it was actually added for QAT testsuite, which looks wrong.

Could you send another version of these two patches?

Thanks,
Pablo

[dpdk-dev] [PATCH v2 1/2] crypto/dpaa2_sec: add support for out of place buffers

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Enable out of place buffer test cases in nxp dpaa2_sec

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
changes in v2:
corrected compilation issues in test

 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 42 +++++++++++++++++++++++------
 test/test/test_cryptodev.c                  |  6 +++++
 test/test/test_cryptodev_aes_test_vectors.h | 12 ++++++---
 test/test/test_cryptodev_des_test_vectors.h |  6 +++--
 4 files changed, 52 insertions(+), 14 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 0a466ba..c67548e 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -90,11 +90,17 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	uint32_t auth_only_len = sess->ext_params.aead_ctxt.auth_only_len;
 	int icv_len = sess->digest_length, retval;
 	uint8_t *old_icv;
+	struct rte_mbuf *dst;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	/* TODO we are using the first FLE entry to store Mbuf and session ctxt.
 	 * Currently we donot know which FLE has the mbuf stored.
 	 * So while retreiving we can go back 1 FLE from the FD -ADDR
@@ -155,9 +161,9 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FLE_SG_EXT(fle);
 
 	/* Configure Output SGE for Encap/Decap */
-	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(sge, sym_op->aead.data.offset +
-				sym_op->m_src->data_off - auth_only_len);
+				dst->data_off - auth_only_len);
 	sge->length = sym_op->aead.data.length + auth_only_len;
 
 	if (sess->dir == DIR_ENC) {
@@ -235,9 +241,15 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
+	struct rte_mbuf *dst;
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	/* we are using the first FLE entry to store Mbuf.
 	 * Currently we donot know which FLE has the mbuf stored.
 	 * So while retreiving we can go back 1 FLE from the FD -ADDR
@@ -300,9 +312,9 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FLE_SG_EXT(fle);
 
 	/* Configure Output SGE for Encap/Decap */
-	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(sge, sym_op->cipher.data.offset +
-				sym_op->m_src->data_off);
+				dst->data_off);
 	sge->length = sym_op->cipher.data.length;
 
 	if (sess->dir == DIR_ENC) {
@@ -456,9 +468,15 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	struct ctxt_priv *priv = sess->ctxt;
 	uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			sess->iv.offset);
+	struct rte_mbuf *dst;
 
 	PMD_INIT_FUNC_TRACE();
 
+	if (sym_op->m_dst)
+		dst = sym_op->m_dst;
+	else
+		dst = sym_op->m_src;
+
 	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
 	if (retval) {
 		RTE_LOG(ERR, PMD, "Memory alloc failed for SGE\n");
@@ -503,9 +521,9 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 		   sess->iv.length,
 		   sym_op->m_src->data_off);
 
-	DPAA2_SET_FLE_ADDR(fle, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src));
+	DPAA2_SET_FLE_ADDR(fle, DPAA2_MBUF_VADDR_TO_IOVA(dst));
 	DPAA2_SET_FLE_OFFSET(fle, sym_op->cipher.data.offset +
-			     sym_op->m_src->data_off);
+			     dst->data_off);
 
 	fle->length = sym_op->cipher.data.length + sess->iv.length;
 
@@ -657,6 +675,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
 	struct ctxt_priv *priv;
+	struct rte_mbuf *dst, *src;
 
 	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
 
@@ -679,10 +698,17 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 			DPAA2_GET_FLE_ADDR((fle - 1)));
 
 	/* Prefeth op */
-	rte_prefetch0(op->sym->m_src);
+	src = op->sym->m_src;
+	rte_prefetch0(src);
+
+	if (op->sym->m_dst) {
+		dst = op->sym->m_dst;
+		rte_prefetch0(dst);
+	} else
+		dst = src;
 
 	PMD_RX_LOG(DEBUG, "mbuf %p BMAN buf addr %p",
-		   (void *)op->sym->m_src, op->sym->m_src->buf_addr);
+		   (void *)dst, dst->buf_addr);
 
 	PMD_RX_LOG(DEBUG, "fdaddr =%p bpid =%d meta =%d off =%d, len =%d",
 		   (void *)DPAA2_GET_FD_ADDR(fd),
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a926779..cb9b486 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -9491,6 +9491,12 @@ static struct unit_test_suite cryptodev_dpaa2_sec_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_AES_GCM_auth_decryption_test_case_256_7),
 
+		/** Out of place tests */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GCM_authenticated_encryption_oop_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GCM_authenticated_decryption_oop_test_case_1),
+
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index e9773b5..050d868 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1445,7 +1445,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
+			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
@@ -1455,7 +1456,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
+			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
@@ -1611,7 +1613,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
@@ -1619,7 +1622,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 05265ae..0602df7 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1187,7 +1187,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1196,7 +1197,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_QAT
+			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.9.3

[dpdk-dev] [PATCH v2 2/2] crypto/dpaa_sec: add support for out of place buffers

[alok.makhariya]

From: Alok Makhariya <alok.makhariya@nxp.com>

Enable out of place buffer test cases in dpaa_sec

Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
changes in v2:
corrected compilation issues in test

 drivers/crypto/dpaa_sec/dpaa_sec.c          | 46 ++++++++++++++++++-----------
 test/test/test_cryptodev.c                  |  6 ++++
 test/test/test_cryptodev_aes_test_vectors.h | 12 +++++---
 test/test/test_cryptodev_des_test_vectors.h |  6 ++--
 4 files changed, 47 insertions(+), 23 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 53f004e..26a29a4 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -623,11 +623,10 @@ static inline struct dpaa_sec_job *
 build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
@@ -637,11 +636,17 @@ build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
 	cf = &ctx->job;
 	ctx->op = op;
-	start_addr = rte_pktmbuf_mtophys(mbuf);
+
+	src_start_addr = rte_pktmbuf_mtophys(sym->m_src);
+
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_mtophys(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
 
 	/* output */
 	sg = &cf->sg[0];
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, dst_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length + ses->iv.length;
 	cpu_to_hw_sg(sg);
 
@@ -661,7 +666,7 @@ build_cipher_only(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	cpu_to_hw_sg(sg);
 
 	sg++;
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, src_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length;
 	sg->final = 1;
 	cpu_to_hw_sg(sg);
@@ -673,16 +678,20 @@ static inline struct dpaa_sec_job *
 build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
 	uint32_t length = 0;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
-	start_addr = mbuf->buf_physaddr + mbuf->data_off;
+	src_start_addr = sym->m_src->buf_physaddr + sym->m_src->data_off;
+
+	if (sym->m_dst)
+		dst_start_addr = sym->m_dst->buf_physaddr + sym->m_dst->data_off;
+	else
+		dst_start_addr = src_start_addr;
 
 	ctx = dpaa_sec_alloc_ctx(ses);
 	if (!ctx)
@@ -710,7 +719,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 			cpu_to_hw_sg(sg);
 			sg++;
 		}
-		qm_sg_entry_set64(sg, start_addr + sym->aead.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->aead.data.offset);
 		sg->length = sym->aead.data.length;
 		length += sg->length;
 		sg->final = 1;
@@ -730,7 +739,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 			cpu_to_hw_sg(sg);
 			sg++;
 		}
-		qm_sg_entry_set64(sg, start_addr + sym->aead.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->aead.data.offset);
 		sg->length = sym->aead.data.length;
 		length += sg->length;
 		cpu_to_hw_sg(sg);
@@ -755,7 +764,7 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	sg++;
 	qm_sg_entry_set64(&cf->sg[0], dpaa_mem_vtop(sg));
 	qm_sg_entry_set64(sg,
-		start_addr + sym->aead.data.offset - ses->auth_only_len);
+		dst_start_addr + sym->aead.data.offset - ses->auth_only_len);
 	sg->length = sym->aead.data.length + ses->auth_only_len;
 	length = sg->length;
 	if (is_encode(ses)) {
@@ -781,16 +790,19 @@ static inline struct dpaa_sec_job *
 build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 {
 	struct rte_crypto_sym_op *sym = op->sym;
-	struct rte_mbuf *mbuf = sym->m_src;
 	struct dpaa_sec_job *cf;
 	struct dpaa_sec_op_ctx *ctx;
 	struct qm_sg_entry *sg;
-	phys_addr_t start_addr;
+	phys_addr_t src_start_addr, dst_start_addr;
 	uint32_t length = 0;
 	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
 			ses->iv.offset);
 
-	start_addr = mbuf->buf_physaddr + mbuf->data_off;
+	src_start_addr = sym->m_src->buf_physaddr + sym->m_src->data_off;
+	if (sym->m_dst)
+		dst_start_addr = sym->m_dst->buf_physaddr + sym->m_dst->data_off;
+	else
+		dst_start_addr = src_start_addr;
 
 	ctx = dpaa_sec_alloc_ctx(ses);
 	if (!ctx)
@@ -810,7 +822,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 		cpu_to_hw_sg(sg);
 
 		sg++;
-		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->auth.data.offset);
 		sg->length = sym->auth.data.length;
 		length += sg->length;
 		sg->final = 1;
@@ -823,7 +835,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
 		sg++;
 
-		qm_sg_entry_set64(sg, start_addr + sym->auth.data.offset);
+		qm_sg_entry_set64(sg, src_start_addr + sym->auth.data.offset);
 		sg->length = sym->auth.data.length;
 		length += sg->length;
 		cpu_to_hw_sg(sg);
@@ -847,7 +859,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
 	/* output */
 	sg++;
 	qm_sg_entry_set64(&cf->sg[0], dpaa_mem_vtop(sg));
-	qm_sg_entry_set64(sg, start_addr + sym->cipher.data.offset);
+	qm_sg_entry_set64(sg, dst_start_addr + sym->cipher.data.offset);
 	sg->length = sym->cipher.data.length;
 	length = sg->length;
 	if (is_encode(ses)) {
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index cb9b486..72988c5 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -9370,6 +9370,12 @@ static struct unit_test_suite cryptodev_dpaa_sec_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_AES_GCM_auth_decryption_test_case_256_7),
 
+		/** Out of place tests */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GCM_authenticated_encryption_oop_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GCM_authenticated_decryption_oop_test_case_1),
+
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 050d868..9c13041 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1446,7 +1446,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
@@ -1457,7 +1458,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CBC HMAC-SHA224 Encryption Digest",
@@ -1614,7 +1616,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-256-CBC OOP Decryption",
@@ -1623,7 +1626,8 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-CTR Encryption",
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0602df7..d09e23d 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1188,7 +1188,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1198,7 +1199,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
-- 
2.9.3

Re: [dpdk-dev] [PATCH v2 1/2] crypto/dpaa2_sec: add support for out of place buffers

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: alok.makhariya@nxp.com [mailto:alok.makhariya@nxp.com]
> Sent: Sunday, October 22, 2017 8:36 PM
> To: dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> hemant.agrawal@nxp.com; Alok Makhariya <alok.makhariya@nxp.com>
> Subject: [PATCH v2 1/2] crypto/dpaa2_sec: add support for out of place
> buffers
> 
> From: Alok Makhariya <alok.makhariya@nxp.com>
> 
> Enable out of place buffer test cases in nxp dpaa2_sec
> 
> Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---

Series applied to dpdk-next-crypto.
Thanks,

Pablo